[didip]

* Kibana on ElasticSearch. This is huge. You get a polished Search & Graphing UI with very little effort.

* Much more approachable config.

* Its clustering is easier to setup.

* Eventhough logstash is a bit heavy for my taste, the whole ELK stack is really nice for aggregating server logs.

[bbq]

Agreed about logstash being too heavy for your app servers. It would be nice to have the functionality in a trim, native binary.

As things are, one can always direct an app sever's syslog to a logging fleet running logstash (or elasticsearch running embedded logstash): http://cookbook.logstash.net/recipes/rsyslog-agent/

[tveita]

I think that's what Heka is supposed to be.

It looks pretty promising, but I have yet to meet anyone who uses it.

https://blog.mozilla.org/services/2013/04/30/introducing-hek...

[bbq]

Oh, that looks very nice. Neat to embed Lua as a sandboxed plugin environment.

[btgeekboy]

Re: logstash too heavy

That's what logstash-forwarder[1] (formerly lumberjack) is for. It's in Go, not Java.

[1] https://github.com/elasticsearch/logstash-forwarder

[caw]

I use beaver, which is a python variant of the logstash agent

[arafalov]

Solr has an ELK equivalent, called SILK. Actually uses most of the same components (Banana=Kibana for Solr, etc): http://www.lucidworks.com/lucidworks-silk/